CA Releasing Revamped Mainframe Access Tools

While companies are aggressively retooling their network and desktop ID management systems to comply with federal data security regulations, mainframes often fall through the cracks, according to CA.

Computer Associates will release updated versions of its mainframe identity and access management applications on June 5, promising stronger tools for locking down big iron systems and cleaning out expired user privileges.
The Islandia, N.Y., business software maker introduced three new packages for mainframes, with two products aimed squarely at allowing companies to update their system access controls and one focused on tracking down out-of-date end-user accounts. In addition to improving overall security for mainframe computers, the applications are meant to help customers fall in line with the data-access monitoring elements of government regulations such as the United States Sarbanes-Oxley Act.

Designed specifically for use on IBMs z/OS operating system, CA officials said the tools address an area of ID management often overlooked by companies that assume their mainframes are inherently more secure than other systems. While government compliance auditors havent yet begun to focus on mainframes, said Lina Liberti, vice president of product marketing for security management at CA, companies need to begin preparing for that eventuality today.
"The reality is that mainframes are most often assumed to be secure because its the one platform thats always had security, and no one would ever consider running one without it, while other platforms like wireless needed to be addressed after the fact," said Liberti. "Auditors havent looked at mainframes much to this point, but they will based on the massive amounts of information stored in these systems, and companies will need to address this sooner rather than later."
CA claims the new releases of its eTrust CA-ACF2 Security, eTrust CA-Top Secret Security and eTrust Cleanup software offer improved automation for management of user access rights in addition to new reporting and auditing capabilities meant to aid compliance with regulations such as Sarbanes-Oxley, HIPAA (Health Insurance Portability and Accountability Act), Basel II and Canadas PIPEDA. The three products are being pitched by the vendor as integrated components of its overall access management software portfolio, with the ability to mesh with the companys desktop and network identity tools.
Among the improvements promised in the ninth edition of the eTrust CA-ACF2 Security and eTrust CA-Top Secret Security programs are support for longer and more uniform passwords, more powerful access auditing capabilities, and automated status reports for systems administrators. Additions to eTrust Cleanup 2.2, which is used specifically to hunt down expired user accounts, include the ability to create consolidated ID account reports, including the ability to create profiles for individual users or company departments.
At least one CA customer said the revamped tools are already coming in handy.
"Our students are the universitys largest and most important asset, so we must do everything we can to ensure the privacy of their information," said Joanne Kelly, senior information security analyst at Boston University. "By using mainframe security products, we can more easily ensure that only authorized users have access to critical data and that unused user IDs and access rights are deleted from the system."
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.